u-boot.git/drivers/crypto, branch v2015.07

Merge branch 'master' of git://git.denx.de/u-boot-mpc85xx

2015-03-06T01:50:30+00:00

rsa : Compile Modular Exponentiation files based on CONFIG_RSA_SOFTWARE_EXP

2015-03-05T20:04:59+00:00

Remove dependency of rsa_mod_exp from CONFIG_FIT_SIGNATURE.
As rsa modular exponentiation is an independent module
and can be invoked independently.

Signed-off-by: Gaurav Rana 
Acked-by: Simon Glass 
Reviewed-by: York Sun

imx6: Added DEK blob generator command

2015-03-02T08:57:06+00:00

Freescale's SEC block has built-in Data Encryption
Key(DEK) Blob Protocol which provides a method for
protecting a DEK for non-secure memory storage.
SEC block protects data in a data structure called
a Secret Key Blob, which provides both confidentiality
and integrity protection.
Every time the blob encapsulation is executed,
a AES-256 key is randomly generated to encrypt the DEK.
This key is encrypted with the OTP Secret key
from SoC. The resulting blob consists of the encrypted
AES-256 key, the encrypted DEK, and a 16-bit MAC.

During decapsulation, the reverse process is performed
to get back the original DEK. A caveat to the blob
decapsulation process,  is that the DEK is decrypted
in secure-memory and can only be read by FSL SEC HW.
The DEK is used to decrypt data during encrypted boot.

Commands added
--------------
  dek_blob - encapsulating DEK as a cryptgraphic blob

Commands Syntax
---------------
  dek_blob src dst len

    Encapsulate and create blob of a len-bits DEK at
    address src and store the result at address dst.

Signed-off-by: Raul Cardenas 
Signed-off-by: Nitin Garg 

Signed-off-by: Ulises Cardenas 

Signed-off-by: Ulises Cardenas-B45798

crypto/fsl - Add progressive hashing support using hardware acceleration.

2015-02-25T21:20:02+00:00

Currently only normal hashing is supported using hardware acceleration.
Added support for progressive hashing using hardware.

Signed-off-by: Ruchika Gupta 
Signed-off-by: Gaurav Rana 
CC: Simon Glass 
Reviewed-by: Simon Glass 
Reviewed-by: York Sun

crypto/fsl: Make function names consistent for blob encapsulation/decapsulation.

2015-02-25T21:19:48+00:00

This patch does the following:

1. The function names for encapsulation and decapsulation
were inconsitent in freescale's implementation and cmd_blob file.
This patch corrects the issues.
2. The function protopye is also modified to change the length parameter
from u8 to u32 to allow encapsulation and decapsulation of larger images.
3. Modified the description of km paramter in the command usage for better
readability.

Signed-off-by: Gaurav Rana 
Reviewed-by: Ruchika Gupta 
Reviewed-by: York Sun

DM: crypto/fsl - Add Freescale rsa DM driver

2015-01-30T00:09:58+00:00

Driver added for RSA Modular Exponentiation using Freescale Hardware
Accelerator CAAM. The driver uses UCLASS_MOD_EXP

Signed-off-by: Ruchika Gupta 
CC: Simon Glass 
Acked-by: Simon Glass

DM: crypto/rsa_mod_exp: Add rsa Modular Exponentiation DM driver

2015-01-30T00:09:58+00:00

Add a new rsa uclass for performing modular exponentiation and implement
the software driver basing on this uclass.

Signed-off-by: Ruchika Gupta 
CC: Simon Glass 
Acked-by: Simon Glass

crypto/fsl: Add fixup for crypto node

2015-01-24T04:29:14+00:00

Era property is added in the crypto node in device tree.
Move the code to do so from arch/powerpc/mpc8xxx/fdt.c to
drivers/sec/sec.c so that it can be used across arm and
powerpc platforms having crypto node.

Signed-off-by: Ruchika Gupta 
[York Sun: Fix commit message indentation]
Reviewed-by: York Sun

crypto/fsl: Fix RNG instantiation failure.

2014-12-15T17:16:26+00:00

Corrected the order of arguments in memset in run_descriptor
function. Wrong order of argumnets led to improper initialization
of members of struct type result. This resulted in RNG instantiation
error.

Signed-off-by: Gaurav Rana 
Reviewed-by: York Sun

crypto/fsl: Add command for encapsulating/decapsulating blobs

2014-10-16T21:20:40+00:00

Freescale's SEC block has built-in Blob Protocol which provides
a method for protecting user-defined data across system power
cycles. SEC block protects data in a data structure called a Blob,
which provides both confidentiality and integrity protection.

Encapsulating data as a blob
Each time that the Blob Protocol is used to protect data, a
different randomly generated key is used to encrypt the data.
This random key is itself encrypted using a key which is derived
from SoC's non volatile secret key and a 16 bit Key identifier.
The resulting encrypted key along with encrypted data is called a blob.
The non volatile secure key is available for use only during secure boot.

During decapsulation, the reverse process is performed to get back
the original data.

Commands added
--------------
    blob enc - encapsulating data as a cryptgraphic blob
    blob dec - decapsulating cryptgraphic blob to get the data

Commands Syntax
---------------
	blob enc src dst len km

	Encapsulate and create blob of data $len bytes long
	at address $src and store the result at address $dst.
	$km is the 16 byte key modifier is also required for
	generation/use as key for cryptographic operation. Key
	modifier should be 16 byte long.

	blob dec src dst len km

	Decapsulate the  blob of data at address $src and
	store result of $len byte at addr $dst.
	$km is the 16 byte key modifier is also required for
	generation/use as key for cryptographic operation. Key
	modifier should be 16 byte long.

Signed-off-by: Ruchika Gupta 
Reviewed-by: York Sun